VDB

GHSA-qv8j-hgpc-vrq8

GHSA-qv8j-hgpc-vrq8 PUBLISHED CVSS 8.600000381469727 HIGH

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication.

Risk Scores

CVSS v4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/U:Amber

Affected Products

VendorProductVersions
Google CloudVertex AI SDK for Python1.98.0 <1.131.0
Google CloudVertex AI SDK for Python1.98.0

Timeline

  • CVE Published
  • Mar 2, 2026 Security Advisory
  • Mar 10, 2026 Security Advisory
  • Mar 10, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›